Merge pull request #29 from jrconlin/draft/python

feat: Add int "aes128gcm" content-type handling to python.

Author: martinthomson

nodejs/test.js

@@ -4,6 +4,8 @@ var crypto = require('crypto');
 var ece = require('./ece.js');
 var base64 = require('urlsafe-base64');
 var assert = require('assert');
+var fs = require('fs');
+
 
 // Usage: node test.js [args]
 // If args contains a version (e.g., aes128gcm), filter on versions.
@@ -35,6 +37,7 @@ if (process.argv.length >= 3) {
   } else {
     plaintext = new Buffer(process.argv[2], 'ascii');
   }
+  dump = ( process.argv.indexOf('dump') != -1)
 }
 function filterTests(fullList) {
   var filtered = fullList.filter(function(t) {
@@ -59,12 +62,16 @@ function logbuf(msg, buf) {
   }
 }
 
+// Validate that the encryption function only accepts Buffers
 function validate() {
   ['hello', null, 1, NaN, [], {}].forEach(function(v) {
     try {
-      encrypt('hello', {});
-      throw new Error('should insist on a buffer');
-    } catch (e) {}
+      ece.encrypt(v, {});
+    } catch (e) {
+      if (e.toString() != "Error: buffer argument must be a Buffer") {
+        throw new Error("encrypt failed to reject " + JSON.stringify(v));
+      }
+    }
   });
 }
 
@@ -104,6 +111,21 @@ function encryptDecrypt(input, encryptParams, decryptParams) {
   logbuf('Encrypted', encrypted);
   var decrypted = ece.decrypt(encrypted, decryptParams);
   logbuf('Decrypted', decrypted);
+  if (dump) {
+    var data = {
+      version: version,
+      input: base64.encode(input),
+      encrypted: base64.encode(encrypted),
+      params: {
+        encrypted: encryptParams,
+        decrypt: decryptParams,
+      }
+    };
+    if (keyData) {
+      data.keys = keyData;
+    }
+    dumpData(data);
+  }
   assert.equal(Buffer.compare(input, decrypted), 0);
   log('----- OK');
 }
@@ -155,7 +177,7 @@ function detectTruncation(version) {
   logbuf('Encrypted', encrypted);
   var ok = false;
   try {
-    ece.decrypt(encrypted, params);
+    ece.decrypt(encrypted, params, params, version);
   } catch (e) {
     log('----- OK: ' + e);
     ok = true;
@@ -282,4 +304,4 @@ filterTests([ 'aesgcm128', 'aesgcm', 'aes128gcm' ])
   });
 checkExamples();
 
-log('All tests passed.');
+log('All tests passed.');

python/.coveragerc

@@ -0,0 +1,4 @@
+[report]
+omit =
+    *noseplugin*
+show_missing = true

python/.noserc

@@ -0,0 +1,12 @@
+# this file's explicitly loaded from setup.cfg (.noserc isn't a
+# standard config path), separated out due to '%(...)s'
+[nosetests]
+verbose=True
+verbosity=1
+detailed-errors=True
+with-coverage=True
+cover-erase=True
+cover-package=http_ece
+cover-tests=True
+logging-format=%(asctime)s,%(msecs)03d %(name)s: %(levelname)s: %(message)s
+logging-datefmt=%H:%M:%S

python/.travis.yml

@@ -0,0 +1,10 @@
+language: python
+python:
+- "2.7"
+install:
+- pip install -r test-requirements.txt
+script:
+- nosetests
+- flake8 http-ece
+after_success:
+- codecov

python/VERSION_DIFFERENCES.md

@@ -0,0 +1,28 @@
+# Major Differences Between the Various HTTP ECE Versions
+
+## aes128gcm
+* Most current version as of 2016/11
+* `salt`, `rs`, and `key_id` now all contained as preamble for the encrypted content.
+* Sender's public DH key value is sent as the `dh` parameter of the `Crypto-Key` header
+    * The `Encryption` header is no longer required.
+* The context string `WebPush: info\x00` + Receiver's raw public key + Sender's raw public key
+* `keyinfo` string set to `Content-Encoding: aes128gcm\x00`
+* `nonceinfo` string set to `Content-Encoding: nonce\x00`
+
+## aesgcm
+* `salt` contained as 'salt' parameter of the `Encryption` header
+* `key_id` contained as `keyid` parameter of the `Crypto-Key` header
+* Sender's public DH key value is sent as the `dh` parameter of the `Crypto-Key` header
+* The context string is: `P-256\x00\x00\x41` + Receiver's raw public key + `\x00\x41` + Sender's raw public key
+* `keyinfo` string set to `Content-Encoding: aesgcm\x00` + context_string 
+* `nonceinfo` string set to `Content-Encoding: nonce` + context_string
+
+## aesgcm128
+* Most obsolete version
+* `salt` contained as 'salt' parameter of the `Encryption` header
+* `key_id` contained as `keyid` parameter of the `Encryption-Key` header
+* Sender's public DH key value is sent as the `dh` parameter of the `Encryption-Key` header
+* The context string is: `P-256\x00\x00\x41` + Receiver's raw public key + `\x00\x41` + Sender's raw public key
+* `keyinfo` string set to `Content-Encoding: aesgcm128`
+* `nonceinfo` string set to `Content-Encoding: nonce`
+* padding between chunks is only 1 octet.